JaffaCakes118_a8c12805240df7ebf6542af6a2014637

General

Target

JaffaCakes118_a8c12805240df7ebf6542af6a2014637
Size

277KB
MD5

a8c12805240df7ebf6542af6a2014637
SHA1

e33ba1743bfc0f90c56b534b926132f21e46ac73
SHA256

67550f00f15faa15913e4909400b78c59b1b8369b62da89341e7687a02b97a94
SHA512

c50491a8aaa13bc9e996a8eca8db30276b0547902faff40a2397cfd77d91ab113a3fd8ec879fbc3982668c89f23c1312540d380e00e79055a58c5006b799462c
SSDEEP

6144:Ov1mQOf70/6XslCUk/OaLL/zS2RAzBMdJK9BnJa93e95u:i1mQU0SXICh/zLRAXBN9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a8c12805240df7ebf6542af6a2014637

Files

JaffaCakes118_a8c12805240df7ebf6542af6a2014637
.exe windows:4 windows x86 arch:x86

64c358200df9141f56d68531ad9d3b6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetFileType
GlobalAddAtomW
HeapCreate
IsBadReadPtr
SetHandleCount
HeapReAlloc
GetModuleFileNameA
GetCPInfo
FreeEnvironmentStringsA
FatalAppExitA
GetACP
SetFilePointer
GetEnvironmentStrings
WriteFile
SetUnhandledExceptionFilter
VirtualAlloc
WideCharToMultiByte
IsBadCodePtr
EnumResourceNamesA
FreeEnvironmentStringsW
GetEnvironmentVariableA
GetDateFormatW
HeapDestroy
SetConsoleCtrlHandler
UnhandledExceptionFilter
GetEnvironmentStringsW
GetOEMCP
GetStdHandle
IsBadWritePtr
VirtualFree
GetStartupInfoA
GetCurrentThread

gdi32

GetGraphicsMode
PolylineTo
MoveToEx
IntersectClipRect
GetStockObject
LineTo
SetGraphicsMode
SetROP2
Rectangle
SetBrushOrgEx
PolyBezierTo
CloseFigure
GetClipBox
SelectClipPath
FillPath
GetWorldTransform
BeginPath
EndPath
CreatePatternBrush
PolyDraw

Sections

.text
Size: 147KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64c358200df9141f56d68531ad9d3b6f

Headers

File Characteristics

Imports

setupapi

kernel32

gdi32

Sections

.text Size: 147KB - Virtual size: 279KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 125KB - Virtual size: 125KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 147KB - Virtual size: 279KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 125KB - Virtual size: 125KB

.rsrc
Size: 1024B - Virtual size: 4KB